With the recent announcement of the new Silent Text product arriving in Apple's App Store soon, the renewed scrutiny has also upped the pressure
for the Silent Circle team to release its application source code.
While some of the deployed protocols are in the public domain, the
source code for particular applications have not been released yet
making it difficult for security researchers to render an informed
opinion on its implementation.

In the security community, this is
vitally important because publicly-available "open" source code with
compilation instructions also allows for independent compiling of the
code, reproducible steps to get an executable, and verification of
hashes against the code that is being downloaded from the App Store. Of
course, not everyone will perform this independent verification for
every download but that isn't really necessary. As long as there is a
reasonable level of awareness regarding the product, any deviation from
original trusted source code will be noticed rapidly.

Set to be approved by Apple
on February 8th, the new encrypted data transfer app enables
peer-to-peer encryption of any digital data -- text, images, audio,
video, and even zipped data files -- all from a tablet or smartphone
with a built-in burn feature. The release of the Silent Text Android
version will follow next.

This is revolutionary technology because
of the consolidated approach to functionality across platforms but even
more so because of its user-friendly implementation. Security
and cryptography products can only be great if they are used and Silent
Circle has gone to great lengths to ensure that the process is as
transparent and hassle-free as possible.

Chief Technical Officer Jon Callas says that, with their new S-Cloud Broker technology based on modified convergent encryption,
Silent Circle side-steps a lot of traditional objections that people
have to cloud systems, such as "the security and privacy of their
valuable data." It permits Silent Circle to run their business while
minimizing the risk to their end customers and, according to Callas,
"this means that there are fewer objections to anyone who wants the
advantages of a cloud service, but has business and regulatory concerns
about their service provider."

The encryption keys do not pass
through the central servers and all cryptographic operations are
performed on the client side. This is something that Cryptocat developer
Nadim Kobeissi knows about intimately. His open-source encrypted
peer-to-peer chat product went through rigorous challenges in the
security community ultimately resulting in safer design choices.

Kobeissi's current challenge
for Silent Circle to release the full source code with proper
documentation is emblematic of the community's attitude towards new
security and encryption products in general. Consequently, many in the
computer security field are reserving judgement about Silent Circle
until the conditions in Kobeissi's challenge can be met.

Despite
the fact that Silent Circle submits their code for several third-party
audits, releasing an app like this one prior to source code release is
bound to raise some questions. The source code for the existing Silent
Text version is here
and the company tells me that the new Silent Text source code will be
released sometime in March or April after confirming legal issues such
as licenses for third-party libraries.

If ever forced to comply
with a U.S. law enforcement request, CEO Mike Janke implies that Silent
Circle can move to a jurisdiction that won’t try to force them to
participate in surveillance operations. However, the legal jurisdiction
may not matter because if the source code is released and readily
verifiable, the malicious participation of Silent Circle to surveil and
host "bad" code for download would be effectively neutered. Short of
crippling Apple's iOS and Google's Android, surveillance operations then would proceed to obtaining the keys in another fashion such as direct keylogging or contempt of court charges relating to key disclosure.

"We
really, really don't have the keys. This is for serious people in
serious situations. I think probably it's not a good idea to trust
crypto software if they don't publish the source code. It's not just [to
look for] back doors, but what if they screw up and make a mistake?

We're
not going to build in any back doors in our service. I've spent my
whole career on the principle of no back doors, so I'm not going to
start now. One thing we won't do is cave in."

For the moment, that's a lot more reassuring than the closed-source, proprietary free app from Wickr that doesn't even intend to release its application source code.

No comments:

Post a Comment

Follow The Monetary Future

Read the Monetary Future

Search the Monetary Future

About Me

I am an e-Money researcher and a Founding Director of the Bitcoin Foundation. My career has included senior influential posts at Sumitomo Bank, VISA, VeriSign, and Hushmail.

"Free-market protagonists, such as Matonis, regard cybercash as better than traditional government-issued or -regulated money, because it is determined by market forces and thus nonpolitical in nature." --Robert Guttmann, Professor of Economics at Hofstra University, in Cybercash: The Coming Era of Electronic Money, 2002

"Matonis is quite correct that the new technology makes easier the use of multiple private currencies." --Mark Bernkopf, Federal Reserve Bank of New York, in "Electronic Cash and Monetary Policy", 1996

"Matonis argues that what is about to happen in the world of money is nothing less than the birth of a new Knowledge Age industry: the development, issuance, and management of private currencies." --Seth Godin in Presenting Digital Cash, 1995